# Jitsi Meet Guide


## Steps in Debian Buster VM

-   aptitude
-   synaptic package manager
-   vim
-   nginx (was already installed)
-   apt-file

-   download and add gpg key

        wget --quiet --output-document 'jitsi-key.gpg.key' https://download.jitsi.org/jitsi-key.gpg.key | cat 'jitsi-key.gpg.key' | apt-key add -
        sh -c "echo 'deb https://download.jitsi.org stable/' > /etc/apt/sources.list.d/jitsi-stable.list"

-   update repositories

        apt-get update

-   Setup NGINX:

        apt install -y nginx
        systemctl start nginx.service
        systemctl enable nginx.service

-   install jitsi-meet

        apt-get install --yes jitsi-meet

-   enter hostname for "Jitsi Videobridge"
    -   perhaps localhost.com will work

-   decide for self-signed certificate or custom certificate
    -   later can run:

            sh /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh


## docker


### Install docker

-   remove old versions

        apt-get remove docker docker-engine docker.io containerd runc

-   update repos

        apt-get update

-   install required system packages

        apt-get install \
          apt-transport-https \
          ca-certificates \
          curl \
          gnupg-agent \
          software-properties-common

-   add docker gpg key

        curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
        apt-key fingerprint 0EBFCD88  # 9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88

-   add docker repository

        add-apt-repository \
         "deb [arch=amd64] https://download.docker.com/linux/debian \
         $(lsb_release -cs) \
         stable"

-   update repos

        apt-get update

-   install docker packages

        apt-get install docker-ce docker-ce-cli containerd.io

-   add user to docker user group

        usermod -aG docker ${USER}

-   run hello world test

        docker run hello-world


### Uninstall docker

    apt-get purge docker-ce docker-ce-cli containerd.io
    rm -rf /var/lib/docker
    rm -rf /var/lib/containerd


## Old Jitsi Meet Guide

This repository contains instructions on how to setup Jitsi.

This is work in progress.


### Preparations


#### System packages

Update package source and packages:

    apt-get update && sudo apt upgrade

This might be optional: Enable HTTPS for APT:

    apt-get install apt-transport-https

Install `curl` if it is not installed already:

    apt-get install curl

`curl` will be used later to install a GPG key. An alternative could be using `wget`.

Add universe package repository:

    apt-add-repository universe


#### System configuration constants


##### Limits

Change the following values in `/etc/systemd/system.conf`:

    DefaultLimitNOFILE=65000
    DefaultLimitNPROC=65000
    DefaultTasksMax=65000

Then restart the service:

    systemctl daemon-reload


###### Explanation

(TODO: Why is it necessary to change these values?)

-   `DefaultLimitNOFILE=65000` sets the maximum number of open file handles to 65000.
-   `DefaultLimitNPROC=65000` sets the maximum number of running processes to 65000.
-   `DefaultTasksMax=65000` sets the maximum number of running tasks to 65000.


##### Hostname

Configure the host name of the system:

    hostnamectl set-hostname <full domain of this server>

Additionally set the host name in `/etc/hosts`:

    127.0.0.1 localhost <domain>


###### Explanation

(TODO: Why is it required to set the host name using `hostnamectl`?)

Setting the host name redirection in `/etc/hosts` allows us to make use of the domain name in a local deployment, avoiding DNS resolution for the domain of this server.


### Installation of Jitsi Meet


#### System packages


##### Get the Jitsi GPG key

    curl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'
    echo 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/' | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null


###### Explanation

apt packages are signed using a GPG key. This key is not already on the system usually. The key is used to calculate the checksums of apt packages, to verify integrity of transmitted packages.

1.  `curl https://download.jitsi.org/jitsi-key.gpg.key` downloads the key.
2.  `sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg'` un-ascii-armors the input using `gpg --dearmor` and uses super user privileges to write the un-ascii-armored key to `/usr/share/keyrings/`.
3.  `echo 'deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/` outputs the string `deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/`.
4.  `sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null` outputs the input string and also writes it to the file `/etc/apt/sources.list.d/jitsi-stable.list`. However, any output of `tee` itself is redirected to `/dev/null`, so that it is discarded.

The combination of `echo` without `sudo`, the pipe, and `tee` with `sudo` is required, because redirections are processed before commands (see: <https://www.gnu.org/software/bash/manual/html_node/Redirections.html>). Only redirecting using `echo` with `sudo` would not work, because the redirection `>>` would be processed before `echo` with `sudo` and a permission error would occur. Using `tee` the target file is not redirected to, but is an argument instead.
It is also stated at <https://askubuntu.com/a/103644>.


### Acknowledgement

Sources are for information are:

-   <https://scheible.it/jitsi-meet-server-installation/>
-
